##// END OF EJS Templates
hgweb: do not ignore [auth] if url has a username (issue2822)...
hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.

File last commit:

r13493:95b0d4c1 stable
r15005:4a43e23b 1.9.1 stable
Show More
test-trusted.py.out
179 lines | 4.1 KiB | text/plain | TextLexer
# same user, same group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# same user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, same group
Not trusting file .hg/hgrc from untrusted user abc, group bar
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, same group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the user
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the user and the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all users
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all groups
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all users and groups
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we don't get confused by users and groups with the same name
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# list of user names
# different user, different group, but we trust the user
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# list of group names
# different user, different group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# Can't figure out the name of the user running this process
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# prints debug warnings
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
global = /some/path
untrusted
. . global = /some/path
.ignoring untrusted configuration option paths.local = /another/path
. local = /another/path
# report_untrusted enabled without debug hides warnings
# different user, different group
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# report_untrusted enabled with debug shows warnings
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
global = /some/path
untrusted
. . global = /some/path
.ignoring untrusted configuration option paths.local = /another/path
. local = /another/path
# ui.readconfig sections
quux
# read trusted, untrusted, new ui, trusted
Not trusting file foobar from untrusted user abc, group def
trusted:
ignoring untrusted configuration option foobar.baz = quux
None
untrusted:
quux
# error handling
# file doesn't exist
# same user, same group
# different user, different group
# parse error
# different user, different group
Not trusting file .hg/hgrc from untrusted user abc, group def
('foo', '.hg/hgrc:1')
# same user, same group
('foo', '.hg/hgrc:1')